Thread: Newbie Metasploit user

  1. #1
    Just burned his ISO
    Join Date
    Mar 2008
    Location
    Italy
    Posts
    17

    Default Newbie Metasploit user

    Hi, this is my first question here and I apologize if this is the wrong section. I'm trying to get some Metasploit experience with my LAN, but in my case it isn't local hacking but external.

    To make some sense of it: I'm wirelessly connected to a WiFi LAN and I'm on a private address (192.168.1.5); I'm going through a router, so my IP is NATted. My BackTrack netbook is configured in a DMZ zone, so all connections from the internet are remapped by the router to my private address.

    I'm trying to launch some exploits against one of my servers (honeypot LAN) that is behind a router and has some port forwarding configured (ports 80, 25, 443, etc.).

    All the exploits I run seem to be failing... and I don't know why. I know the honeypot server is running a vulnerable version of some services and I selected the right exploit. So maybe there's something wrong with the configuration (RHOST, LHOST, etc.) of the exploit.

    Can you give me some help?

  2. #2
    Member
    Join Date
    Jan 2010
    Location
    The new forums
    Posts
    462

    Default

    Can you ping the server from your computer? Is the firewall turned on?

  3. #3
    Junior Member
    Join Date
    Mar 2009
    Posts
    83

    Default

    Are you sure that those are the correct exploits that will work on that machine? What else have you tried? Like Lincoln suggested, can you ping? Or do anything else to see that the machine is there?

  4. #4
    Just burned his ISO
    Join Date
    Mar 2008
    Location
    Italy
    Posts
    17

    Default

    Absolutely, I ping the server. Better, I ping the router port-forwarding the server, and absolutely the exploit is right, because I installed the vulnerable version!!

    I think the error is in configuring the exploit parameters.

  5. #5
    Junior Member
    Join Date
    Mar 2009
    Posts
    83

    Default

    What exploit are you trying to use and what are you setting everything up as?

  6. #6
    Member cr1spyj0nes's Avatar
    Join Date
    Sep 2008
    Posts
    164

    Default

    What exploit are you using? What OS is it you're exploiting? We will work this out. God, I remember my first successful exploit, was like getting laid for the first time, lol.
    I would rather be hated for what I am,
    Than loved for what I am not.

  7. #7
    Just burned his ISO
    Join Date
    Mar 2008
    Location
    Italy
    Posts
    17

    Default

    I fired up an exploit against Apache (1.3.x) listening on port 80.

    I run BT3 from USB on my netbook (192.168.1.5), NATted by my router with a public IP address. My IP address is configured as DMZ and all connections from the internet to the router (from any IP, any port) are redirected to my private address. My server is at 10.0.0.1, NATted by a router with a public IP address. Port 80 is port-forwarded through the router. So nmap correctly recognizes the Apache server.

  8. #8
    Moderator KMDave's Avatar
    Join Date
    Jan 2010
    Posts
    2,281

    Default

    Try to run the exploit with a direct connection at first. Just to eliminate one reason of a possible failure.
    If that works you know that the exploit is working and that you have to change some parameters.
    Tiocfaidh ár lá

  9. #9
    Member cr1spyj0nes's Avatar
    Join Date
    Sep 2008
    Posts
    164

    Default

    What one are you using?
    exploit/windows/http/apache_chunked Apache Win32 Chunked Encoding
    exploit/windows/http/apache_mod_rewrite_ldap Apache module mod_rewrite LDAP protocol Buffer Overflow
    exploit/windows/http/apache_modjk_overflow Apache mod_jk 1.2.20 Buffer Overflow
    I would rather be hated for what I am,
    Than loved for what I am not.

  10. #10
    Just burned his ISO
    Join Date
    Mar 2008
    Location
    Italy
    Posts
    17

    Default

    Quote, originally posted by KMDave:
    Try to run the exploit with a direct connection at first. Just to eliminate one reason of a possible failure.
    If that works you know that the exploit is working and that you have to change some parameters.
    I cannot try a direct connection for 10 days because I'm on holiday many, many km away from my office (no VPN possible right now).

    Please give me a hint: LHOST in the exploit is the public address of my router, right?
